cybersecurity a critical component for emergency management conferenc · cybersecurity – a...

Download Cybersecurity A critical component for Emergency Management Conferenc · Cybersecurity – A critical…

Post on 11-Jun-2018

212 views

Category:

Documents

0 download

Embed Size (px)

TRANSCRIPT

  • Cybersecurity

    A critical component for Emergency Management

    Thursday, May 25, 2017 FOUO 1

    David Morgan CISSP, NSA/CNSS Security, CCNP, CIW SA, MCSE/MCSA

    Cybersecurity Officer | Information System Security Manager

    Information Technology Division - Cyber Security

    O: 512.424.2199 | C: 512.284.0885

  • Overview

    What is Cybersecurity?

    What Cybersecurity is not

    Various Malware Threats

    Security Awareness

    What do we mean by digital weapon?

    FOUO 2

  • Cybersecurity

    What is Cybersecurity? Is the body of technologies, processes and practices designed to

    protect networks, computers, programs and data from attack, damage or unauthorized access. In the computing context, the term security

    implies cybersecurity. (http://whatis.techtarget.com/definition/cybersecurity)

    What Cybersecurity is NOT Cybersecurity is NOT IT.

    FOUO 3

    http://whatis.techtarget.com/definition/cybersecurity

  • Malware Threats

    What is Malware? Malicious Software

    Many different types Virus Worms Trojans Spyware Ransomware Adware Rootkits

    Delivered through email, websites, pop-ups, P2P, cracked/pirated software, removable devices (CD/DVD, USB), etc.

    Computers, tablets, phones, TVs, etc. can get them. Mac is just as vulnerable as PC or Android

    FOUO 4

  • Malware Threats Virus

    Has to be manually triggered but then is activated and can do any number of malicious things

    Worms Similar to a virus but doesnt have to be activated and can self-

    replicate across a network

    Trojan Program that appears to have a desired function but actually is waiting

    for a trigger (time bomb) to perform a malicious action

    Spyware Program that collects information about the user without the users

    consent

    Ransomware

    FOUO 5

  • Cryptolocker

    FOUO 6

  • Hydracrypt

    FOUO 7

  • Security Awareness

    https://www.youtube.com/watch?v=KK_M-BeIGGQ

    FOUO 8

    https://www.youtube.com/watch?v=KK_M-BeIGGQhttps://www.youtube.com/watch?v=KK_M-BeIGGQhttps://www.youtube.com/watch?v=KK_M-BeIGGQ

  • Security Awareness

    Enter STUXNETthe first time in history that computer code has crossed over the threshold from cyberto physicalto cause damage. Most likely the most complex malware ever discovered

    About 500KB

    Contained several (more than a few) zero day exploits

    Released around 2008, not discovered for about 2 years

    Infected non-network-connected systems

    Digital certificates had to be counterfeited

    It changed the way cyber attacks will occurits out and cannot be recalled

    FOUO 9

  • Security Awareness

    asdf FOUO 10

    https://www.youtube.com/watch?v=KK_M-BeIGGQ

    https://www.youtube.com/watch?v=KK_M-BeIGGQhttps://www.youtube.com/watch?v=KK_M-BeIGGQhttps://www.youtube.com/watch?v=KK_M-BeIGGQ

  • Security Awareness

    FOUO 11

    https://www.youtube.com/watch?v=KK_M-BeIGGQ

    https://www.youtube.com/watch?v=KK_M-BeIGGQhttps://www.youtube.com/watch?v=KK_M-BeIGGQhttps://www.youtube.com/watch?v=KK_M-BeIGGQ

  • Security Awareness

    https://www.youtube.com/watch?v=KK_M-BeIGGQ

    FOUO 12

    https://www.youtube.com/watch?v=KK_M-BeIGGQhttps://www.youtube.com/watch?v=KK_M-BeIGGQhttps://www.youtube.com/watch?v=KK_M-BeIGGQ

  • Security Awareness

    11/8/2012Siemens software targeted by Stuxnet still full of holes Details from a cancelled Defcon presentation were revealed on

    Thursday in Seoul http://www.computerworld.com/article/2493358/security0/siemens-software-targeted-by-stuxnet-still-full-of-holes.html

    FOUO 13

    http://www.computerworld.com/article/2493358/security0/siemens-software-targeted-by-stuxnet-still-full-of-holes.htmlhttp://www.computerworld.com/article/2493358/security0/siemens-software-targeted-by-stuxnet-still-full-of-holes.htmlhttp://www.computerworld.com/article/2493358/security0/siemens-software-targeted-by-stuxnet-still-full-of-holes.htmlhttp://www.computerworld.com/article/2493358/security0/siemens-software-targeted-by-stuxnet-still-full-of-holes.htmlhttp://www.computerworld.com/article/2493358/security0/siemens-software-targeted-by-stuxnet-still-full-of-holes.htmlhttp://www.computerworld.com/article/2493358/security0/siemens-software-targeted-by-stuxnet-still-full-of-holes.htmlhttp://www.computerworld.com/article/2493358/security0/siemens-software-targeted-by-stuxnet-still-full-of-holes.htmlhttp://www.computerworld.com/article/2493358/security0/siemens-software-targeted-by-stuxnet-still-full-of-holes.htmlhttp://www.computerworld.com/article/2493358/security0/siemens-software-targeted-by-stuxnet-still-full-of-holes.htmlhttp://www.computerworld.com/article/2493358/security0/siemens-software-targeted-by-stuxnet-still-full-of-holes.htmlhttp://www.computerworld.com/article/2493358/security0/siemens-software-targeted-by-stuxnet-still-full-of-holes.htmlhttp://www.computerworld.com/article/2493358/security0/siemens-software-targeted-by-stuxnet-still-full-of-holes.htmlhttp://www.computerworld.com/article/2493358/security0/siemens-software-targeted-by-stuxnet-still-full-of-holes.htmlhttp://www.computerworld.com/article/2493358/security0/siemens-software-targeted-by-stuxnet-still-full-of-holes.htmlhttp://www.computerworld.com/article/2493358/security0/siemens-software-targeted-by-stuxnet-still-full-of-holes.htmlhttp://www.computerworld.com/article/2493358/security0/siemens-software-targeted-by-stuxnet-still-full-of-holes.htmlhttp://www.computerworld.com/article/2493358/security0/siemens-software-targeted-by-stuxnet-still-full-of-holes.html

  • Security Awareness

    - Presently there is no public acknowledgement of who created/deployed Stuxnet.

    - It is highly complex and required many different skillsets to build, as well as the unusual aspect of containing several, not just one, zero-day exploit.

    - It behaved like a rootkit.

    FOUO 14

  • Security Awareness

    The individual realization of the consequences of actions (with the ability to access intention and impact)

    http://securitycatalyst.com/why-the-definition-of-security-awareness-matters/

    FOUO 15

    http://securitycatalyst.com/why-the-definition-of-security-awareness-matters/http://securitycatalyst.com/why-the-definition-of-security-awareness-matters/http://securitycatalyst.com/why-the-definition-of-security-awareness-matters/http://securitycatalyst.com/why-the-definition-of-security-awareness-matters/http://securitycatalyst.com/why-the-definition-of-security-awareness-matters/http://securitycatalyst.com/why-the-definition-of-security-awareness-matters/http://securitycatalyst.com/why-the-definition-of-security-awareness-matters/http://securitycatalyst.com/why-the-definition-of-security-awareness-matters/http://securitycatalyst.com/why-the-definition-of-security-awareness-matters/http://securitycatalyst.com/why-the-definition-of-security-awareness-matters/http://securitycatalyst.com/why-the-definition-of-security-awareness-matters/http://securitycatalyst.com/why-the-definition-of-security-awareness-matters/http://securitycatalyst.com/why-the-definition-of-security-awareness-matters/

  • Security Awareness

    In Cyberattack on Saudi Firm, U.S. Sees Iran Firing Back

    http://www.nytimes.com/2012/10/24/business/global/cyberattack-on-saudi-oil-firm-disquiets-us.html

    FOUO 16

    http://www.nytimes.com/2012/10/24/business/global/cyberattack-on-saudi-oil-firm-disquiets-us.htmlhttp://www.nytimes.com/2012/10/24/business/global/cyberattack-on-saudi-oil-firm-disquiets-us.htmlhttp://www.nytimes.com/2012/10/24/business/global/cyberattack-on-saudi-oil-firm-disquiets-us.htmlhttp://www.nytimes.com/2012/10/24/business/global/cyberattack-on-saudi-oil-firm-disquiets-us.htmlhttp://www.nytimes.com/2012/10/24/business/global/cyberattack-on-saudi-oil-firm-disquiets-us.htmlhttp://www.nytimes.com/2012/10/24/business/global/cyberattack-on-saudi-oil-firm-disquiets-us.htmlhttp://www.nytimes.com/2012/10/24/business/global/cyberattack-on-saudi-oil-firm-disquiets-us.htmlhttp://www.nytimes.com/2012/10/24/business/global/cyberattack-on-saudi-oil-firm-disquiets-us.htmlhttp://www.nytimes.com/2012/10/24/business/global/cyberattack-on-saudi-oil-firm-disquiets-us.htmlhttp://www.nytimes.com/2012/10/24/business/global/cyberattack-on-saudi-oil-firm-disquiets-us.htmlhttp://www.nytimes.com/2012/10/24/business/global/cyberattack-on-saudi-oil-firm-disquiets-us.htmlhttp://www.nytimes.com/2012/10/24/business/global/cyberattack-on-saudi-oil-firm-disquiets-us.htmlhttp://www.nytimes.com/2012/10/24/business/global/cyberattack-on-saudi-oil-firm-disquiets-us.htmlhttp://www.nytimes.com/2012/10/24/business/global/cyberattack-on-saudi-oil-firm-disquiets-us.html

  • Security Awareness

    In Cyberattack on Saudi Firm, U.S. Sees Iran Firing Back

    http://www.nytimes.com/2012/10/24/business/global/cyberattack-on-saudi-oil-firm-disquiets-us.html

    FOUO 17

    a person with privileged access to the Saudi state-owned oil companys computers, unleashed a computer virus to initiate what is regarded as among the most destructive acts of computer sabotage on a company to date. The virus erased data on three-quarters of Aramcos corporate PCs documents, spreadsheets, e-mails, files replacing all of it with an image of a burning American flag.

    http://www.nytimes.com/2012/10/24/business/global/cyberattack-on-saudi-oil-firm-disquiets-us.htmlhttp://www.nytimes.com/2012/10/24/business/global/cyberattack-on-saudi-oil-firm-disquiets-us.htmlhttp://www.nytimes.com/2012/10/24/business/global/cyberattack-on-saudi-oil-fir

Recommended

View more >